﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace WebApplication1
{
    public partial class WebForm1 : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
           
        }

        protected void Button1_Click(object sender, EventArgs e)
        {
            string constr = "server=.;uid=sa;pwd=123456;database=Student_db";
            SqlConnection connection = new SqlConnection(constr);
            connection.Open();
            string sql = "select * from StudentInfo where stu_name=@name and  password =@pwd";
            SqlParameter[] pars =
            {
                new SqlParameter("@name",name.Text),
                new SqlParameter("@pwd",pwd.Text)
            };
            SqlCommand cmd = new SqlCommand(sql,connection);
            cmd.Parameters.AddRange(pars);
            SqlDataReader sqlData = cmd.ExecuteReader();
            if (sqlData.Read())
            {
                Session["UserName"] = name.Text;
                Response.Redirect("WebForm3.aspx");
            }
            else
            {
                Literal1.Text = "登录失败，用户名或密码错误！";
            }
        }
    }
}